Data Protection Regulation

Deutschland

SSL or TLS encryption

When you enter your data on websites, place online orders or send e-mails via the Internet, you must always be prepared for unauthorized third parties to access your data. There is no complete protection against such access. However, we do our utmost to protect your data as best we can and to close security gaps as far as we can.

An important protection mechanism is the SSL or TLS encryption of our website, which ensures that data you transmit to us cannot be read by third parties. You can recognize the encryption by the lock icon in front of the Internet address entered in your browser and by the fact that our Internet address begins with https:// and not with http://.

Data transfer to the USA

On our website, we use tools from companies that transfer your data to the USA and store it there and, if necessary, process it further. The European Commission has adopted an adequacy decision for the EU-US data protection framework. The decision establishes that the US ensures an adequate level of protection for EU personal data transferred to US companies. This decision is based on new safeguards and measures put in place by the US to meet data protection requirements. The adequacy decision includes, among other things, restrictions and safeguards on access to data by US intelligence agencies. Binding safeguards were introduced to limit US intelligence agencies' access to what is necessary and proportionate to protect national security. In addition, enhanced oversight of US intelligence activities was established to ensure that restrictions on surveillance activities are respected. An independent redress mechanism has also been established to handle and resolve complaints from European citizens about access to their data. The EU-US data protection framework thus allows European companies to transfer data to certified US companies without having to introduce additional data protection safeguards. A list of all certified companies can be found at the following link: https://www.dataprivacyframework.gov/s/participant-search.

A change in the European Commission's decision cannot be ruled out.

Hosting and Content Delivery Networks (CDN)

External hosting

Our website is hosted on a server of the following Internet service provider (hoster):

Has a data processing agreement been concluded with the hoster or are standard contractual clauses (SCC) in place?

Yes

How do we process your data?

The hoster stores all the data from our website. This includes all personal data that is collected automatically or through entering. This can be in particular: Your IP address, pages accessed, names, contact details and requests, as well as meta and communication data. When processing data, our hoster adheres to our instructions and always processes the data only insofar as this is necessary to fulfill the service obligation to us.

On what legal basis do we process your data?

Since we address potential customers via our website and maintain contacts with existing customers, the data processing by our hoster serves to initiate and fulfill contracts and is therefore based on Art. 6 (1) lit. b) GDPR. In addition, it is our legitimate interest as a company to provide a professional Internet offering that meets the necessary requirements for security, speed and efficiency. In this respect, we also process your data on the legal basis of Art. 6 (1) lit. f) GDPR.

Use of cookies

Our website places cookies on your device. These are small text files that are used for various purposes. Some cookies are technically necessary for the website to function at all (necessary cookies). Others are needed to perform certain actions or functions on the site (functional cookies). For example, without cookies it would not be possible to take advantage of a shopping cart in an online store. Still other cookies are used to analyze user behavior or to optimize advertising measures. If we use third-party services on our website, for example to process payment transactions, these companies may also leave cookies on your device when you access the website (so-called third-party cookies).

How do we process your data?

Session cookies are only stored on your device for the duration of a session. As soon as you close the browser, they therefore disappear by themselves. Permanent cookies, on the other hand, remain on your device unless you delete them yourself. This can, for example, lead to your user behavior being permanently analyzed. You can use the settings in your browser to influence how it handles cookies:

• Do you want to be informed when cookies are set?
• Do you want to exclude cookies in general or for certain cases?
• Do you want cookies to be deleted automatically when you close the browser?

If you disable or do not allow cookies, the functionality of the website may be limited.

If we use cookies from other companies or for analysis purposes, we will inform you about this as part of this privacy policy. We also request your consent in this regard when you access our website.

On what legal basis do we process your data?

We have a legitimate interest in ensuring that our online offers can be used by visitors without technical problems and that all desired functions are available to them. The storage of necessary and functional cookies on your device therefore takes place on the legal basis of Art. 6 (1) lit. f) GDPR. We use all other cookies on the legal basis of Art. 6 (1) lit. a) GDPR, provided you give us your consent. You can revoke this at any time with effect for the future. If you have consented to the placement of necessary and functional cookies when requesting consent, these cookies will also be stored exclusively on the basis of your consent.

Cookie consent with Cookiebot

What is Cookiebot?

Cookie consent, monitoring and control software

Who processes your data?

Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark.

Where can you find more information about data protection at Cookiebot?

https://www.cookiebot.com/de/privacy-policy/

How do we process your data?

We use Cookiebot to obtain your consent to store cookies on your device and to document it in a data protection compliant manner. When you visit our website and close the cookie window of Cookiebot requesting consent, the following data is transmitted to the company:

• your IP address in anonymized form
• the date and time of the consent
• the user agent of your browser
• the URL from which the consent was sent
• an anonymous, random and encrypted key
• your consent status, which serves as proof of consent

In addition, Cookiebot stores a cookie in your browser to associate the consents given or revoked with your browser. All data collected will be stored until the cookies are no longer needed, you delete the Cookiebot cookie or request us to delete the data. This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

We are legally obliged to obtain the consent of our website visitors for the use of certain cookies. In order to fulfill this obligation, we use Cookiebot. The legal basis for data processing is therefore Art. 6 (1) lit. c) GDPR.

Contact form

You can send us a message via the contact form on this website.

How do we process your data?

We store your message and the information from the form in order to process your request including follow-up questions. This also applies to the contact details provided. We do not pass on the data to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following occurs:

• Your request has been conclusively processed.
• You request us to delete the data.
• You revoke your consent to the storage.

This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the legal basis of Art. 6 (1) lit. b) GDPR. In all other cases, it is our legitimate interest to effectively process requests directed to us. The legal basis for data processing is therefore Art. 6 (1) lit. f) GDPR. If you have consented to the storage of your data, Art. 6 (1) lit. a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Inquiry by e-mail, telephone or fax

You can send us a message by e-mail or fax or call us.

How do we process your data?

We store your message as well as your self-made contact details or the transmitted telephone number in order to be able to process your inquiry including follow-up questions. We do not pass on the data to other persons without your consent.

How long do we store your data?

We delete your data as soon as one of the following occurs:

• Your inquiry has been conclusively processed.
• You request us to delete the data.
• You revoke your consent to the storage.

This does not apply only if we are required by law to retain the data.

On what legal basis do we process your data?

If your request is related to our contractual relationship or serves the implementation of pre-contractual measures, we process your data on the legal basis of Art. 6 (1) lit. b) GDPR. In all other cases, it is our legitimate interest to effectively process requests directed to us. The legal basis for data processing is therefore Art. 6 (1) lit. f) GDPR. If you have consented to the storage of your data, Art. 6 (1) lit. a) GDPR is the legal basis. In this case, you can revoke your consent at any time with effect for the future.

Analysis tools and advertising

We use the following tools to analyze the behavior of our website visitors and show you advertisements.

META Pixel

What is META Pixel?

Tool for analyzing user behavior that measures the effectiveness of advertising on Facebook.

Who processes your data?

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland.

Where can you find more information about data protection at META Pixel?

https://de-de.facebook.com/about/privacy/

On what legal basis do we transfer your data to the USA?

On the basis of the European Commission's adequacy decision and the company's corresponding certification.

How can you prevent data processing?

If you have a Facebook account: Deactivate the "Custom Audiences" remarketing function in the Ad Settings section (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).

If you do not have a Facebook account: Disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

How do we process your data?

We use the META Pixel on our website. The analytics tool helps us learn more about the behavior of visitors to our website after they click on one of our ads on Facebook. This allows us to measure how effective our Facebook ads are and align future advertising efforts with the insights we gain. The data that Facebook collects via the pixel is anonymous to us as the operator of this website. So we cannot identify you as a visitor. However, the data is stored and processed by Facebook. Thus, Facebook establishes a connection to your Facebook account via the pixel and, in addition, uses the data to place advertisements itself within and outside the network (cf. Facebook Data Use Policy). In the course of storage and processing, Facebook also transmits the data to the USA and other third countries.

If you have a Facebook account, you can deactivate the "Custom Audiences" remarketing function in this account in the Advertising Settings section at https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen.

If you do not have a Facebook account, it is possible to deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in effective advertising measures on social networks. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Facebook, only Art. 6 (1) lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.

Facebook Conversion API

What is Facebook Conversion API?

User behavior analysis tool that measures the effectiveness of advertising on Facebook

Who processes your data?

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland

Where can you find more information about data protection at Facebook Conversion API?

https://de-de.facebook.com/about/privacy/

On what legal basis do we transfer your data to the USA?

On the basis of the European Commission's adequacy decision and the company's corresponding certification.

How can you prevent data processing?

If you have a Facebook account: Disable usage-based advertising in the Ads Settings section (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).

If you do not have a Facebook account: Disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

How do we process your data?

We use the Facebook Conversion API on our website. The analytics tool helps us learn more about the behavior of visitors to our website after they click on one of our ads on Facebook. This allows us to measure how effective our Facebook ads are and align future advertising efforts with the insights we gain. The Facebook Conversion API processes personal data such as user IDs, cookies, device IDs, and other identifying information collected by Facebook and third-party vendors. Using this data allows us to better understand our audience and create targeted advertising campaigns. However, the data is also stored and processed by Facebook. Thus, Facebook establishes a connection to your Facebook account and, in addition, uses the data to serve advertisements itself within and outside the network (see Facebook Data Use Policy). During storage and processing, Facebook also transmits the data to the USA and other third countries.

If you have a Facebook account: Disable usage-based advertising in the Ads Settings section (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).

If you do not have a Facebook account, you have the option to disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in effective advertising measures on social networks. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Facebook, only Art. 6 (1) lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.

Facebook Custom Audiences

What is Facebook Custom Audiences?

User behavior analysis tool that measures the effectiveness of advertising on Facebook

Who processes your data?

Meta Platforms Ireland Ltd, 4 Grand Canal Square, Dublin 2, Ireland

Where can you find more information about data protection at Facebook Custom Audiences?

https://de-de.facebook.com/about/privacy/

On what legal basis do we transfer your data to the USA?

On the basis of the European Commission's adequacy decision and the company's corresponding certification.

How can you prevent data processing?

If you have a Facebook account: Disable usage-based advertising in the Ads Settings section (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).

If you do not have a Facebook account: Disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

How do we process your data?

We use Facebook Custom Audiences on our website. Facebook Custom Audiences is an audience targeting tool within the Facebook Ads Manager. It allows businesses to define their own target audience based on information they have about their customers or potential customers, such as email addresses, phone numbers, Facebook IDs or device IDs. Using Facebook Custom Audiences allows us to create more targeted and relevant advertising campaigns by targeting an audience we already know. Using this data allows us to better understand our audience and create targeted ad campaigns. However, the data is also stored and processed by Facebook. Thus, Facebook establishes a connection to your Facebook account and, in addition, uses the data to place advertisements itself within and outside the network (cf. Facebook Data Use Policy). During storage and processing, Facebook also transmits the data to the USA and other third countries.

If you have a Facebook account: Disable "Custom Audiences" in the Ad Settings section (https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen).

If you do not have a Facebook account, you have the option to disable usage-based advertising from Facebook on the European Interactive Digital Advertising Alliance website: http://www.youronlinechoices.com/de/praferenzmanagement/.

On what legal basis do we process your data?

As a website operator, we have a legitimate interest in effective advertising measures on social networks. The data processing is therefore lawful according to Art. 6 (1) lit. f) GDPR. In the event that you have consented, for example, to the storage of cookies or have otherwise consented to data processing by Facebook, only Art. 6 (1) lit. a) GDPR is the legal basis. You can revoke your consent at any time with effect for the future.

Google Fonts (local hosting)

We use fonts from the US company Google on our website. We have installed the fonts locally, so there is no connection to Google's servers when you visit our website.

For more information about Google Fonts, please visit https://developers.google.com/fonts/faq and read Google's privacy policy: https://policies.google.com/privacy?hl=de.

eCommerce and payment providers

Customer and contract data

How do we process your data?

When we conclude a contract with you, we require certain personal data from you. We collect, process and use this data only insofar as it is necessary to establish our legal relationship, to shape its content or to change it. If you can only use our services via our website or if the services are billed via the website, we also collect usage data insofar as this is necessary to enable you to use our offer or to bill the service used.

How long do we store your data?

We store your data until our legal relationship ends, unless we are required by law to keep the data longer.

On what legal basis do we process your data?

We store your data in order to fulfill the contract with you or to carry out pre-contractual measures. The basis of the data processing is therefore Art. 6 (1) lit. b) GDPR.

Data transfer when using services and digital content.

How do we process your data?

For the processing of the payment, we transmit your data to a payment service or the credit institution commissioned with the payment processing. We only pass on data that is absolutely necessary for the payment process. If we want to pass on data beyond this, we will obtain your consent.

On what legal basis do we process your data?

We pass on your data in order to fulfill the contract we have concluded with you. The basis of the data processing is therefore Art. 6 (1) lit. b) GDPR. If you have consented to the transfer of your data, the data processing is based on Art. 6 (1) lit. a) GDPR. You can revoke your consent at any time with effect for the future.

Other Services an data processings

Bunny.net Stream Service for providing video storage and streaming